I followed the procedure exactly as stated. The only real difference is that my device connects from an external location to my home MQTT broker (I opened port 8883 and forwarded it to the broker). I can see the connection attempts, but the SSL handshake fails every time... is there a known solution for that?

Arduino-ESP32 SDK has been updated and new WiFiClientSecure library not working any more. In order to fix it, please using the old github commit or download the zip file here.

After downloading the old commit; extract it; go to the libraries folder; copy theWiFiClientSecure folder; replace the current WiFiClientSecure folder (in Arduino/hardware/espressif/esp32/libraries or refer here) by the copied WiFiClientSecure folder.